Roger Greenwell
Director, Enterprise and Innovation / Chief Information Officer
Defense Information Systems Agency (DISA)
Roger S. Greenwell is the Director of Enterprise Integration and Innovation and the DISA Chief Information Officer. He is responsible for horizontal integration and support across the agency; focusing on effective use of information technology, security, and risk management across the DISA enterprise, adopting innovative approaches/solutions in using technology, instituting actions to improve automation and user experience, and driving
change in the way DISA uses data. His portfolio includes the Chief Technology Officer, Chief Information Security Officer and Director of Risk Management, Chief Data Officer, Chief Experience Officer, and Director of Operations Engineering, Modeling, and Automation.
Mr. Greenwell previously served as the agency Risk Management Executive and Authorizing Official. He was responsible for addressing all facets of cyber security and making authorization decisions that balance mission with the security in place; the scope of which encompassed hundreds of systems, applications, networks, and satellite communications provided by DISA. He led DISA’s efforts in developing DOD-wide security guidance and products including Security Requirements Guides (SRGs), Security Technical Implementation Guides (STIGs), and content used by standards-
based tools for automating compliance assessment against DoD standards. He also was the Department of Defense (DoD) authority for issuing cloud computing provisional authorizations (PAs).
Prior assignments include the Director and Technical Director of DISA’s Field Security Operations (FSO), directing the activities of 300+ personnel supporting Information Assurance activities around the world. He provided oversight to numerous initiatives including a comprehensive vulnerability/risk assessment numerous complex systems and networks. He served as the DOD certification authority for the general services component of the Computer Network Defense Service Provider (CNDSP) program; validating processes and procedures used by CNDSPs in providing Protect, Detect, Respond, Sustain services across the DoD. Greenwell also served previously as the FSO Chief of the Capabilities Implementation
Division and Chief of the IA Standards and Training Division. In these roles, he led efforts to develop operational procedures that supported the deployment of Enterprise capabilities using tools such as the Host Based Security System (HBSS) and the Vulnerability Management System (VMS); and enabled the transformation of the STIGs/SRGs in adopting the use of Security Content Automation Protocol (SCAP).
Before joining the Government in 2009, Mr. Greenwell worked for Hewlett Packard (HP) / Electronic Data Systems (EDS) where he provided security consulting and contract management for multiple military customers including DISA, Army, Air National Guard, and Army National Guard. His diverse background and experience includes vulnerability management, computer network defense, standards and policy development, tool development/integration, training, disaster recovery, and emerging technology capabilities. He co-authored the first DoD technical security guide in 1994 supporting the mainframe environment which led to the creation of the SRG and STIG program that exists today.
Mr. Greenwell has a Bachelor of Science in Computer Internetworking and is a graduate of the Federal Executive Institute. He holds multiple industry security certifications to include CISSP, CISA, and CISM.